I have a question regarding storing the data securely on the iPhone. Building for iOS 3.0+.
I have a username & password that the user enters for connecting to the web service. Plus there is some more user & app preference data that I am persisting in a plist. I want to encrypt/secure that data. Currently my approach is:
Generate an encryption key on the first launch of the app and store it in the keychain. Then use it for data encryption & decryption every time & persist the encrypted data in the plist.
I want to know what encryption API comes with the iOS SDK, how to use it & whether this approach is right.
Thanks & Best Regards,
Saurabh ;)
Anonymous
For simple data like a username/password, I would definitely go with the Keychain. It was absolutely built for that sort of thing, and additionally its contents are not synchronized to a desktop computer, making it less vulnerable to a brute-force attack than something inside an app’s Documents or Application Support folder.
For separate data, you can also use the keychain, putting the data into the keychain as the ‘password’ (a synonym for ‘valueData’) property of your keychain item. This will gain you the same protection described above.
If you want to keep things outside the keychain then you can use the CommonCrypto API to encrypt its contents using your own private encryption key. You’ll need to make sure that key doesn’t disappear though, which it will if you rely on the Keychain to store it— if the user backs up their device then cleans & restores from that backup, then the encrypted file will be retained but the keychain won’t.
For assistance with either of these approaches, feel free to check out my helper classes for the Keychain API and the CommonCrypto API.
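The Keychain approach from the answer above, as an added example that is not part of the original answer and is not the answerer's helper classes. It assumes ARC and a current SDK rather than the iOS 3.0 toolchain; the service name and the function names are hypothetical.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>

// Hypothetical service name; use an identifier unique to your app.
static NSString * const kServiceName = @"com.example.myapp.webservice";

// Attributes that identify exactly one generic-password item per account.
static NSMutableDictionary *BaseQuery(NSString *account) {
    return [@{
        (__bridge id)kSecClass:       (__bridge id)kSecClassGenericPassword,
        (__bridge id)kSecAttrService: kServiceName,
        (__bridge id)kSecAttrAccount: account
    } mutableCopy];
}

// Stores the secret as the item's valueData, replacing any existing value.
// Updating first avoids the errSecDuplicateItem failure of a blind SecItemAdd.
OSStatus SaveSecret(NSString *account, NSData *secret) {
    NSMutableDictionary *query = BaseQuery(account);
    NSDictionary *update = @{ (__bridge id)kSecValueData: secret };
    OSStatus status = SecItemUpdate((__bridge CFDictionaryRef)query,
                                    (__bridge CFDictionaryRef)update);
    if (status == errSecItemNotFound) {
        [query addEntriesFromDictionary:update];
        status = SecItemAdd((__bridge CFDictionaryRef)query, NULL);
    }
    return status;
}

// Returns the stored bytes, or nil when the item is missing or unreadable.
NSData *LoadSecret(NSString *account) {
    NSMutableDictionary *query = BaseQuery(account);
    query[(__bridge id)kSecReturnData] = @YES;
    query[(__bridge id)kSecMatchLimit] = (__bridge id)kSecMatchLimitOne;
    CFTypeRef result = NULL;
    OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, &result);
    if (status != errSecSuccess) return nil;
    return (__bridge_transfer NSData *)result;  // ARC takes ownership
}

// Removes the item; a missing item is treated as success.
OSStatus DeleteSecret(NSString *account) {
    OSStatus status = SecItemDelete((__bridge CFDictionaryRef)BaseQuery(account));
    return status == errSecItemNotFound ? errSecSuccess : status;
}
```

A password goes in as `[password dataUsingEncoding:NSUTF8StringEncoding]`; the preference data can be serialized to `NSData` with `NSPropertyListSerialization` and stored the same way under a different account name.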